From 08f9dec28e35293c41ef834feb80e117c281c5c0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 13 Oct 2025 15:26:50 +0000 Subject: [PATCH 1/4] Initial plan From ef8953e8f420f255a2e5b4c257e82581bd11011a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 13 Oct 2025 15:32:27 +0000 Subject: [PATCH 2/4] Initial analysis of documentation inconsistencies Co-authored-by: lacraig2 <7518336+lacraig2@users.noreply.github.com> --- src/penguin.egg-info/PKG-INFO | 19 +++++++++++ src/penguin.egg-info/SOURCES.txt | 39 +++++++++++++++++++++++ src/penguin.egg-info/dependency_links.txt | 1 + src/penguin.egg-info/entry_points.txt | 6 ++++ src/penguin.egg-info/not-zip-safe | 1 + src/penguin.egg-info/requires.txt | 2 ++ src/penguin.egg-info/top_level.txt | 1 + 7 files changed, 69 insertions(+) create mode 100644 src/penguin.egg-info/PKG-INFO create mode 100644 src/penguin.egg-info/SOURCES.txt create mode 100644 src/penguin.egg-info/dependency_links.txt create mode 100644 src/penguin.egg-info/entry_points.txt create mode 100644 src/penguin.egg-info/not-zip-safe create mode 100644 src/penguin.egg-info/requires.txt create mode 100644 src/penguin.egg-info/top_level.txt diff --git a/src/penguin.egg-info/PKG-INFO b/src/penguin.egg-info/PKG-INFO new file mode 100644 index 000000000..12c051b3e --- /dev/null +++ b/src/penguin.egg-info/PKG-INFO 
@@ -0,0 +1,19 @@ +Metadata-Version: 2.1 +Name: penguin +Version: 0.0.1 +Summary: Automated IGLOO rehosting +Home-page: https://github.com/panda-re/igloo +Author: MIT Lincoln Laboratory +Author-email: andrew.fasano@ll.mit.edu +License: MIT +Keywords: igloo +Platform: any +Classifier: Development Status :: 4 - Beta +Classifier: Intended Audience :: Developers +Classifier: License :: OSI Approved :: MIT License +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3.8 +Classifier: Programming Language :: Python :: 3.9 +Classifier: Programming Language :: Python :: 3.10 +Requires-Python: >=3.8 +Description-Content-Type: text/markdown diff --git a/src/penguin.egg-info/SOURCES.txt b/src/penguin.egg-info/SOURCES.txt new file mode 100644 index 000000000..5fba5a9c3 --- /dev/null +++ b/src/penguin.egg-info/SOURCES.txt @@ -0,0 +1,39 @@ +setup.cfg +setup.py +penguin/__init__.py +penguin/__main__.py +penguin/abi_info.py +penguin/analyses.py +penguin/arch.py +penguin/common.py +penguin/config_patchers.py +penguin/debug.py +penguin/defaults.py +penguin/gen_config.py +penguin/gen_image.py +penguin/genetic.py +penguin/graph_search.py +penguin/graphs.py +penguin/llm.py +penguin/manager.py +penguin/patch_minimizer.py +penguin/patch_search.py +penguin/penguin_prep.py +penguin/penguin_run.py +penguin/plugin_manager.py +penguin/q_config.py +penguin/search_utils.py +penguin/static_analyses.py +penguin/utils.py +penguin.egg-info/PKG-INFO +penguin.egg-info/SOURCES.txt +penguin.egg-info/dependency_links.txt +penguin.egg-info/entry_points.txt +penguin.egg-info/not-zip-safe +penguin.egg-info/requires.txt +penguin.egg-info/top_level.txt +penguin/penguin_config/__init__.py +penguin/penguin_config/gen_docs.py +penguin/penguin_config/structure.py +penguin/penguin_config/versions/__init__.py +penguin/penguin_config/versions/v2.py \ No newline at end of file 
diff --git a/src/penguin.egg-info/dependency_links.txt b/src/penguin.egg-info/dependency_links.txt new file mode 100644 index 000000000..8b1378917 --- /dev/null +++ b/src/penguin.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/src/penguin.egg-info/entry_points.txt b/src/penguin.egg-info/entry_points.txt new file mode 100644 index 000000000..248774ca8 --- /dev/null +++ b/src/penguin.egg-info/entry_points.txt @@ -0,0 +1,6 @@ +[console_scripts] +gen_config = penguin.gen_config:main +gen_image = penguin.gen_image:makeImage +penguin = penguin.__main__:main +penguin_mgr = penguin.manager:main +penguin_run = penguin.penguin_run:main diff --git a/src/penguin.egg-info/not-zip-safe b/src/penguin.egg-info/not-zip-safe new file mode 100644 index 000000000..8b1378917 --- /dev/null +++ b/src/penguin.egg-info/not-zip-safe @@ -0,0 +1 @@ + diff --git a/src/penguin.egg-info/requires.txt b/src/penguin.egg-info/requires.txt new file mode 100644 index 000000000..1a4a25a8e --- /dev/null +++ b/src/penguin.egg-info/requires.txt @@ -0,0 +1,2 @@ +jsonschema +pyyaml diff --git a/src/penguin.egg-info/top_level.txt b/src/penguin.egg-info/top_level.txt new file mode 100644 index 000000000..e659768e0 --- /dev/null +++ b/src/penguin.egg-info/top_level.txt @@ -0,0 +1 @@ +penguin From 5fcb842b2bc8a3942ac3a0ae486dacd6580d3e33 Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 13 Oct 2025 15:36:50 +0000 Subject: [PATCH 3/4] Fix documentation inconsistencies and typos Co-authored-by: lacraig2 <7518336+lacraig2@users.noreply.github.com> --- .gitignore | 3 +- docs/playbook.md | 14 ++++++-- docs/schema_doc.md | 4 +-- src/penguin.egg-info/PKG-INFO | 19 ----------- src/penguin.egg-info/SOURCES.txt | 39 ----------------------- src/penguin.egg-info/dependency_links.txt | 1 - src/penguin.egg-info/entry_points.txt | 6 ---- src/penguin.egg-info/not-zip-safe | 1 - src/penguin.egg-info/requires.txt | 2 -- src/penguin.egg-info/top_level.txt | 1 - src/penguin/penguin_config/structure.py | 4 +-- 11 files changed, 17 insertions(+), 77 deletions(-) delete mode 100644 src/penguin.egg-info/PKG-INFO delete mode 100644 src/penguin.egg-info/SOURCES.txt delete mode 100644 src/penguin.egg-info/dependency_links.txt delete mode 100644 src/penguin.egg-info/entry_points.txt delete mode 100644 src/penguin.egg-info/not-zip-safe delete mode 100644 src/penguin.egg-info/requires.txt delete mode 100644 src/penguin.egg-info/top_level.txt diff --git a/.gitignore b/.gitignore index 590d725cc..ce26650da 100644 --- a/.gitignore +++ b/.gitignore @@ -12,4 +12,5 @@ tests/unit_tests/test_target/config.yaml penguin.sif fw db/events.* -local_packages/* \ No newline at end of file +local_packages/* +*.egg-info/ \ No newline at end of file diff --git a/docs/playbook.md b/docs/playbook.md index 43709cc45..004147648 100644 --- a/docs/playbook.md +++ b/docs/playbook.md 
@@ -86,7 +86,7 @@ Beyond allowing you to add pseudofiles into a system, penguin also allows you to specify how `read`s, `write`s, and `ioctl`s of these files should be modeled. After adding a pseudofile to a config and running it, you might see -guest applications try to interact with this newly created psueodfile. The +guest applications try to interact with this newly created pseudofile. The `pseudofiles` plugin will collect the details of these accesses in the `pseudofiles_modeled.yaml`. In this file, you'll see keys of device paths with a list of interactions that @@ -99,6 +99,10 @@ following descriptions may be of value. #### Read modeling +**zero**: Read a zero (returns a single zero byte). + +**empty**: Read an empty file (returns empty data). + **default**: Return an empty string with return value `-EINVAL`. **const_buf**: Given some string in `val` model the file as containing that data. @@ -111,6 +115,8 @@ Provide a dictionary in `vals` with keys as an integer offset into the buffer an **from_file**: Given a host (container) file path in `filename` read from that file +**from_plugin**: Read from a custom PyPlugin. Specify the `plugin` name and optionally the `function` to call (defaults to `read`). + #### Write modeling **default**: Return value `-EINVAL` @@ -119,6 +125,8 @@ Provide a dictionary in `vals` with keys as an integer offset into the buffer an **to_file**: Given a host (container) file path in `filename` write to that file +**from_plugin**: Write to a custom PyPlugin. Specify the `plugin` name and optionally the `function` to call (defaults to `write`). + #### IOCTL modeling IOCTLs have a command number and each command can be modeled distinctly. A wildcard `*` can be used as a command number to indicate that all other ioctls should be modeled in a given way. 
@@ -129,10 +137,10 @@ IOCTLs have a command number and each command can be modeled distinctly. A wildc **return_symex**: Coming soon. ### How to model pseudofiles: -In your config file, you'll insert new keys udner `pseudofiles` for each file you want to model. By specifying a key (which must start with `/dev/` or `/proc/`), you'll +In your config file, you'll insert new keys under `pseudofiles` for each file you want to model. By specifying a key (which must start with `/dev/` or `/proc/`), you'll change the system so that a pseudofile is present at the specified location. If this is all you wish to do, you'll specify the key as having a value of `{}`. -Otherwise, if you'd like to model the behavior of the pseudofile, you'll add one or more subkeys of `read`, `write,` and `ioctl` and specify the model details. +Otherwise, if you'd like to model the behavior of the pseudofile, you'll add one or more subkeys of `read`, `write`, and `ioctl` and specify the model details. To just add `/dev/missing` into the filesystem: diff --git a/docs/schema_doc.md b/docs/schema_doc.md index 131ba9738..0edf730fd 100644 --- a/docs/schema_doc.md +++ b/docs/schema_doc.md @@ -700,10 +700,10 @@ How to handle writes to the file |__Type__|string| -##### `pseudofiles..write.` Read from a custom PyPlugin +##### `pseudofiles..write.` Write to a custom PyPlugin -###### `pseudofiles..write..model` Write modelling method (read from a custom pyplugin) +###### `pseudofiles..write..model` Write modelling method (write to a custom pyplugin) ||| |-|-| diff --git a/src/penguin.egg-info/PKG-INFO b/src/penguin.egg-info/PKG-INFO deleted file mode 100644 index 12c051b3e..000000000 --- a/src/penguin.egg-info/PKG-INFO +++ /dev/null 
@@ -1,19 +0,0 @@ -Metadata-Version: 2.1 -Name: penguin -Version: 0.0.1 -Summary: Automated IGLOO rehosting -Home-page: https://github.com/panda-re/igloo -Author: MIT Lincoln Laboratory -Author-email: andrew.fasano@ll.mit.edu -License: MIT -Keywords: igloo -Platform: any -Classifier: Development Status :: 4 - Beta -Classifier: Intended Audience :: Developers -Classifier: License :: OSI Approved :: MIT License -Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.8 -Classifier: Programming Language :: Python :: 3.9 -Classifier: Programming Language :: Python :: 3.10 -Requires-Python: >=3.8 -Description-Content-Type: text/markdown diff --git a/src/penguin.egg-info/SOURCES.txt b/src/penguin.egg-info/SOURCES.txt deleted file mode 100644 index 5fba5a9c3..000000000 --- a/src/penguin.egg-info/SOURCES.txt +++ /dev/null @@ -1,39 +0,0 @@ -setup.cfg -setup.py -penguin/__init__.py -penguin/__main__.py -penguin/abi_info.py -penguin/analyses.py -penguin/arch.py -penguin/common.py -penguin/config_patchers.py -penguin/debug.py -penguin/defaults.py -penguin/gen_config.py -penguin/gen_image.py -penguin/genetic.py -penguin/graph_search.py -penguin/graphs.py -penguin/llm.py -penguin/manager.py -penguin/patch_minimizer.py -penguin/patch_search.py -penguin/penguin_prep.py -penguin/penguin_run.py -penguin/plugin_manager.py -penguin/q_config.py -penguin/search_utils.py -penguin/static_analyses.py -penguin/utils.py -penguin.egg-info/PKG-INFO -penguin.egg-info/SOURCES.txt -penguin.egg-info/dependency_links.txt -penguin.egg-info/entry_points.txt -penguin.egg-info/not-zip-safe -penguin.egg-info/requires.txt -penguin.egg-info/top_level.txt -penguin/penguin_config/__init__.py -penguin/penguin_config/gen_docs.py -penguin/penguin_config/structure.py -penguin/penguin_config/versions/__init__.py -penguin/penguin_config/versions/v2.py \ No newline at end of file 
diff --git a/src/penguin.egg-info/dependency_links.txt b/src/penguin.egg-info/dependency_links.txt deleted file mode 100644 index 8b1378917..000000000 --- a/src/penguin.egg-info/dependency_links.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/penguin.egg-info/entry_points.txt b/src/penguin.egg-info/entry_points.txt deleted file mode 100644 index 248774ca8..000000000 --- a/src/penguin.egg-info/entry_points.txt +++ /dev/null @@ -1,6 +0,0 @@ -[console_scripts] -gen_config = penguin.gen_config:main -gen_image = penguin.gen_image:makeImage -penguin = penguin.__main__:main -penguin_mgr = penguin.manager:main -penguin_run = penguin.penguin_run:main diff --git a/src/penguin.egg-info/not-zip-safe b/src/penguin.egg-info/not-zip-safe deleted file mode 100644 index 8b1378917..000000000 --- a/src/penguin.egg-info/not-zip-safe +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/penguin.egg-info/requires.txt b/src/penguin.egg-info/requires.txt deleted file mode 100644 index 1a4a25a8e..000000000 --- a/src/penguin.egg-info/requires.txt +++ /dev/null @@ -1,2 +0,0 @@ -jsonschema -pyyaml diff --git a/src/penguin.egg-info/top_level.txt b/src/penguin.egg-info/top_level.txt deleted file mode 100644 index e659768e0..000000000 --- a/src/penguin.egg-info/top_level.txt +++ /dev/null @@ -1 +0,0 @@ -penguin diff --git a/src/penguin/penguin_config/structure.py b/src/penguin/penguin_config/structure.py index e73c20785..ca3de45b3 100644 --- a/src/penguin/penguin_config/structure.py +++ b/src/penguin/penguin_config/structure.py @@ -442,7 +442,7 @@ class Core(PartialModelMixin, BaseModel): ), dict( discrim_val="from_plugin", - title="Read from a custom PyPlugin", + title="Write to a custom PyPlugin", description=None, fields=( ("plugin", str, Field(title="Name of the loaded PyPlugin")), 
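Review bot: In the `@@ -442,7 +442,7 @@` hunk of `src/penguin/penguin_config/structure.py`, the write-side `from_plugin` entry keeps `description=None`, so the schema gives no hint of which plugin function receives guest writes. The playbook text added in this same series says `function` is optional and defaults to `write`. That should be checked against the `function` field, which lies below the hunk and is not visible here, and then recorded on the model, for example `description="Pass writes to a function on a loaded PyPlugin",`. This entry appears to let a config value select the plugin code that handles data written by guest applications, so the contract belongs next to the field and not only in the playbook. The enclosing definition starts and ends outside the hunk.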
@@ -631,7 +631,7 @@ class LibInject(PartialModelMixin, BaseModel): Field( None, title="Function names to alias to existing library function shims", - descriptions="Mapping between new names (e.g., my_nvram_get) and existing library function shims (e.g., nvram_get)", + description="Mapping between new names (e.g., my_nvram_get) and existing library function shims (e.g., nvram_get)", ), ] From 4bcd4d8d6130041ac749f41c855c33d616a1e5af Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 13 Oct 2025 15:48:45 +0000 Subject: [PATCH 4/4] Fix additional spelling errors and documentation inconsistencies Co-authored-by: lacraig2 <7518336+lacraig2@users.noreply.github.com> --- docs/playbook.md | 2 +- docs/plugins.md | 6 +++--- docs/workflow.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/playbook.md b/docs/playbook.md index 004147648..449ca73a1 100644 --- a/docs/playbook.md +++ b/docs/playbook.md @@ -134,7 +134,7 @@ IOCTLs have a command number and each command can be modeled distinctly. A wildc **return_const**: Return the specified `val` -**return_symex**: Coming soon. +**symex**: Perform symbolic execution on the IOCTL to identify distinct reachable paths. This is an advanced feature that requires the symex plugin to be enabled. ### How to model pseudofiles: In your config file, you'll insert new keys under `pseudofiles` for each file you want to model. By specifying a key (which must start with `/dev/` or `/proc/`), you'll diff --git a/docs/plugins.md b/docs/plugins.md index 94e11eca4..074b600b3 100644 --- a/docs/plugins.md +++ b/docs/plugins.md 
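Review bot: The `descriptions=` to `description=` correction in the `@@ -631,7 +631,7 @@` hunk of `src/penguin/penguin_config/structure.py` (the alias field under `LibInject`) is not carried into `docs/schema_doc.md`, whose diffstat in this patch covers only the two write-title lines. If that document is produced by `penguin/penguin_config/gen_docs.py`, which is listed in the SOURCES.txt shown earlier in the series, it should be regenerated so the alias-mapping description actually appears. The misspelling presumably survived because `Field` did not reject the unknown keyword, so the rest of the file is worth searching for other misspelled `Field` arguments. A short comment near the models would help, such as `# Field() does not reject unknown keywords; check title=/description= spelling`. The enclosing field definition starts outside the hunk.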
@@ -13,7 +13,7 @@ The following penguin plugins are currently supported. Each is documented below. * [Pseudofiles](#pseudofiles): Model and monitor interactions to devices in `/dev` `/proc` and `/sys` * [Shell](#shell): Track behavior of shell scripts including lines executed * [VPNguin](#vpnguin): Bridge network connections to networked guest processes -* [Zap](#zap): **Currently disabled** Network scanning of guest web applications +* [ZAP](#zap): **Currently disabled** Network scanning of guest web applications ## Coverage This plugin tracks the module and offset block level coverage of all binaries @@ -31,7 +31,7 @@ If an env value is set to the magic string `DYNVALDYNVALDYNVAL` a dynamic analys to detect comparisons between this magic string and any other string will be enabled. The results of this analysis will be stored in `env_cmp.txt` -In a config file, a user may add key-value pairs into the `env` filed to set new +In a config file, a user may add key-value pairs into the `env` field to set new values into the linux environment. Note that a number of required internal variables (e.g., `root=/dev/vda`) will added to the system's arguments _after_ any arguments you specify here. @@ -51,7 +51,7 @@ reported in `iface.log`. Change output of uname syscall. Config Options: - `sysname`: changes operating system name -- `nodename`: changtes network node hostname +- `nodename`: changes network node hostname - `release`: changes the kernel release - `kversion`: changes the kernel version - `machine`: changes the machine hardware name diff --git a/docs/workflow.md b/docs/workflow.md index fcb2cd3c8..a3cf80205 100644 --- a/docs/workflow.md +++ b/docs/workflow.md 
@@ -73,7 +73,7 @@ The format of autogenerated configuration `./projects/stride/config.yaml` is doc highlighting: `core`: This section indicates project-wide settings such as the architecture. Within this section there are 3 notable options: -* `force_www`: if enabled, the rehosting will agressively attempt to start standard webservers +* `force_www`: if enabled, the rehosting will aggressively attempt to start standard webservers * `strace`: if enabled, every process in the system will have its system calls traced and logged to the output. * `show_output`: if this is set to true, console output will be shown on standard out of penguin. Otherwise console output will be logged into the results directory at `console.log`